Malware

The popular AUR helper yay released version 13 on June 18 with new tools to help users detect risky packages. The update follows multiple waves of malware that compromised over 1,500 packages in the Arch User Repository.

June 16, 2026 Reported by AI

Arch Linux has disabled new account registrations for the Arch User Repository following multiple waves of malicious package updates. The move comes after more than 1,500 packages were compromised last week.

Law enforcement agencies from the United States and Europe, supported by private partners, have taken down the SocksEscort cybercrime proxy network. This service, powered by the AVRecon malware infecting Linux-based devices, provided cybercriminals with access to compromised IP addresses. The operation resulted in the seizure of domains, servers, and cryptocurrency assets.

March 11, 2026 Reported by AI

Researchers at Black Lotus Labs have identified a botnet infecting around 14,000 routers daily, mostly Asus models in the US, using advanced peer-to-peer technology to evade detection. The malware, known as KadNap, turns these devices into proxies for cybercrime activities. Infected users are advised to factory reset their routers and apply firmware updates to remove the threat.

A North Korean hacking group known as UNC1069 has employed AI-generated videos to deliver malware targeting both macOS and Windows systems. This tactic highlights evolving methods in cyber threats. The development was reported by TechRadar on February 11, 2026.

January 30, 2026 Reported by AI

Cyble Research and Intelligence Labs has revealed ShadowHS, a sophisticated fileless framework for post-exploitation on Linux systems. The tool enables stealthy, in-memory operations and long-term access for attackers. It features a weaponized version of hackshell and advanced evasion techniques.